A security administrator is performing VDI traffic data collection on a virtual server which migrates from onehost to another. While reviewing the data collected by the protocol analyzer, the security administrator noticesthat sensitive data is present in the packet capture. Which of the following should the security administratorrecommend to ensure the confidentiality of sensitive information […]

A Chief Information Security Officer (CISO) has requested that a SIEM solution be implemented. The CISOwants to know upfront what the projected TCO would be before looking further into this concern. Two vendorproposals have been received:Vendor A: product-based solution which can be purchased by the pharmaceutical company.Capital expenses to cover central log collectors, correlators, storage […]

A company has received the contract to begin developing a new suite of software tools to replace an agingcollaboration solution. The original collaboration solution has been in place for nine years, contains over amillion lines of code, and took over two years to develop originally. The SDLC has been broken up into eightprimary stages, with […]

The helpdesk manager wants to find a solution that will enable the helpdesk staff to better serve companyemployees who call with computer-related problems. The helpdesk staff is currently unable to perform effectivetroubleshooting and relies on callers to describe their technology problems. Given that the helpdesk staff islocated within the company headquarters and 90% of the […]

A small retail company recently deployed a new point of sale (POS) system to all 67 stores. The core of thePOS is an extranet site, accessible only from retail stores and the corporate office over a split-tunnel VPN. Anadditional split-tunnel VPN provides bi-directional connectivity back to the main office, which provides voiceconnectivity for store VoIP […]

An analyst connects to a company web conference hosted on www.webconference.com/meetingID#01234 andobserves that numerous guests have been allowed to join, without providing identifying information. The topicscovered during the web conference are considered proprietary to the company. Which of the following securityconcerns does the analyst present to management? A. Guest users could present a risk to […]

A security engineer is a new member to a configuration board at the request of management. The companyhas two new major IT projects starting this year and wants to plan security into the application deployment. Theboard is primarily concerned with the applications’ compliance with federal assessment and authorizationstandards. The security engineer asks for a timeline […]

Ann, a systems engineer, is working to identify an unknown node on the corporate network. To begin herinvestigative work, she runs the following nmap command string:user@hostname:~$ sudo nmap O 192.168.1.54Based on the output, nmap is unable to identify the OS running on the node, but the following ports are open onthe device:TCP/22TCP/111TCP/512-514TCP/2049TCP/32778Based on this information, […]